Date: Fri, 13 Apr 2001 11:10:20 -0400
From: Mark Woodson <mwoodson@wloq.com>
To: "Ryan VanMiddlesworth" <ryanvm@ci.richmond.in.us>
Cc: <freebsd-questions@freebsd.org>
Subject: Re: IPNAT not working with SOME websites
Message-ID: <5.0.2.1.0.20010413110616.02356ec0@192.168.100.3>
In-Reply-To: <000701c0c2a0$67333920$0401010a@RYANVM5300>

At 10:59 AM 4/11/2001 -0500, Ryan VanMiddlesworth wrote:
>I have a dedicated Internet connection to a particular box running FreeBSD
>4.2-STABLE that serves as a gateway. The box has two NICs - one to the
>Internet (208.196.36.248) and the other to my internal network
>(10.1.0.0/16). I have set up ipfilter and am using ipnat to masquerade the
>10.1.0.0 addresses as the 208.196.36.248.

[snipped]

>Here are my ipnat rules:
> map ed0 10.1.0.0/16 -> 208.196.36.248/32 proxy port ftp ftp/tcp
> map ed0 10.1.0.0/16 -> 208.196.36.248/32 portmap tcp/udp 10000:40000
> map ed0 10.1.0.0/16 -> 208.196.36.248/32
>
>So, what am I doing wrong? I've set up masquerading on Linux a million times
>(using ipchains) and I've never had any problems like this. I am fairly
>certain it must be something I'm doing, just because it's such an easily
>reproducible problem that I can't believe no one has ever seen (and fixed)
>it.

Are you sure it's not your filter rules? That sounds much more like you've got something confused with your filter. Have you tried commenting out everything and just putting "pass in all" and "pass out all" to see if that fixes it? If it does then just add the rules back in one at a time until you find out which one it is that's breaking it.

Your NAT rules don't look like there's an error in them to me.

-Mark

Network Administrator
Smooth Jazz 103.1 WLOQ
Winter Park, FL USA